package controller;

import java.io.IOException;
import java.sql.PreparedStatement;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import model.UserGroup;

import core.CurrentUser;
import core.PgSQL;
import core.View;

public class DeleteQuestion extends HttpServlet {
	private static final long serialVersionUID = 1L;
	static private PgSQL db = PgSQL.getInstance();

	public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		CurrentUser user = new CurrentUser(request);
		if(!user.getGroup().hasPermission(UserGroup.DELETE_QUESTION)){
			View.showMessage(request, response, "You have no permission to delete questions.", "back");
			return;
		}
		
		String qid_str = request.getParameter("qid");
		String confirm = request.getParameter("confirm");
		
		if(qid_str == null){
			View.showMessage(request, response, "非法操作。", "index.jsp");
			return;
		}
		
		try{
			if(confirm == null){
				View.showMessage(request, response, "您确认要删除该选择题吗？", "confirm");
				return;
			}
			
			int qid = Integer.parseInt(qid_str);
			PreparedStatement st = db.prepareStatement("DELETE FROM qz_choicequestion WHERE qid=?");
			st.setInt(1, qid);
			st.executeUpdate();
			View.showMessage(request, response, "成功删除指定的选择题。", "refresh");
			
		}catch(Exception e){
			e.printStackTrace();
		}
	}

}
